Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2021-21548

Dell EMC Unisphere for PowerMax versions before 9.1.0.27, Dell EMC Unisphere for PowerMax Virtual Appliance versions before 9.1.0.27, and PowerMax OS Release 5978 contain an improper certificate validation vulnerability. An unauthenticated remote attacker may potentially exploit this vulnerability to carry out a man-in-the-middle attack by supplying a crafted certificate and intercepting the victim's traffic to view or modify a victim’s data in transit.

Published

2023-03-17T06:15:51.937

Last Modified

2024-11-21T05:48:34.293

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 7.4 (HIGH)

Weaknesses

Type: Secondary
CWE-295
Type: Primary
CWE-295

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	dell	emc_unisphere_for_powermax	< 9.1.0.27	Yes
Application	dell	emc_unisphere_for_powermax_virtual_appliance	< 9.1.0.27	Yes
Operating System	dell	powermax_os	5978	Yes

References

https://www.dell.com/support/kbdoc/en-uk/000189606/dsa-2021-134-dell-emc-unisphere-for-powermax-dell-emc-unisphere-for-powermax-virtual-appliance-dell-emc-solutions-enabler-virtual-appliance-and-dell-emc-powermax-embedded-management-security-update-for-multiple-third-party-component-vulnerabilities Vendor Advisory ([email protected])
https://www.dell.com/support/kbdoc/en-uk/000189606/dsa-2021-134-dell-emc-unisphere-for-powermax-dell-emc-unisphere-for-powermax-virtual-appliance-dell-emc-solutions-enabler-virtual-appliance-and-dell-emc-powermax-embedded-management-security-update-for-multiple-third-party-component-vulnerabilities Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)